On our PAAS platform, users have to verify their email address through the email we send to them. We have noticed that we miss many leads as user enter their email address on our site but never click ...

I am redesigning my login page to be a tabbed modal (sign in / register). I asked my wife "which do you prefer, sign in page or a pop up / slide down sign in page," and she surprised me by saying the ...

I have to design an email verification flow and i'm looking to find succinct language to let my iOs app users know that they will receive a verification email with a link they can click before they ...

I am building a system to be used for polling during an election. Security is a massive issue as I'm sure you understand!
We are using two factor authentication so the user will be asked to supply a ...

I'm creating an account system for my website and the account controls will be in the top right corner, as shown in the samples below. The more stuff I add to the top bar, however, the more cluttered ...

I have a small application that I'm making for both Android and iOS. On the first screen users see, they have to fill in a code. This code gets checked with the server, and the server also returns the ...

I am working on a series of utility mobile apps whittle residential real estate investors manage their businesses. The apps I am developing are highly specialized and impactful. I plan on making them ...

Imagine a user logged into my iOS app using their Google account. Months later, they are trying to create an account using their email address (the same one connected to their previous Google social ...

I'm a developer. Our UX guy is asking us to allow spaces in usernames. The caveat is that they should be allowed anywhere.
So entering the username 'JohnDoe' is the same as 'John Doe' is the same as ...

I am working on the flow for password recovery and can't determine where to redirect the user once an email has been sent to help them complete the process. They enter their email address on this page ...

I have a couple video games on my website, and to be able to add account-based features I'm implementing a login system for my site. My goal with the login system is to allow users who aren't logged ...

I was reading about UX and passwords to try to decide on explaining the requirements (ex: 1 capital letter, 1 number, 1 special character,eight characters) and came across this answer which sent me ...

Due to a technical limitation / privacy settings openid does not always return an email. This leads to the following convoluted signup process:
User clicks on login with facebook.
User enters email ...

First I had a social signin which was nearly identical to the old stackexchange login and my login looked almost exactly like SO:s "login with google" "Login with facebook". Now we have designed our ...

I am developing a new web application and was wondering if I should have people pick their usernames and login with their usernames or should I have them login via their email addresses.
Which option ...

Right now, when a user logs in, on top of the page it shows it's nick name and an exit icon to sign out.
I'm about to implement an "impersonate user" feature and I was wondering how to make it clear ...

What's considered better for UX?
User clicks on the log-in link/button, afterwards she is taken to another page where she can fill the log-in form. Example: Yahoo.
User clicks on the log-in dropdown ...

I am designing a simple web application. The only main function is displayed in homepage, together with other product feature promotion. On the top of the page, there are two buttons, for sign up and ...

Assuming logging in with Facebook/Google etc. gives the social media company access to and ability to record all the interactions of the user on your website, how does this affect the behaviour of the ...

We are implementing a temporary account lockout after throttling login attempts and actively directing users to reset their password. Users can still go through the reset journey even during temporary ...

When I'm logging into a website, I ALWAYS forget to tick the "Remember Me" checkbox.
While the system is logging me in, I always want to go back and tick that, but by the time I'm being redirected to ...

What I am trying to avoid here is brute force attacks on a user's password. And I am thinking about doing that by invalidating his password when too many attempts are made in the same minute, hour, ...